The state-owned telecommunications provider Bharat Sanchar Nigam Limited (BSNL) has recently suffered a significant data breach.
Massive Data Breach In BSNL
BSNL has suffered a cyberattack that is said to have been orchestrated by a threat actor known as “kiberphant0m”, as per a Threat Intelligence Report by Athenian Tech.
During this attack, the hacker compromised a substantial amount of sensitive data, putting millions of users at risk.
The breach has affected critical data, including International Mobile Subscriber Identity (IMSI) numbers, SIM card information, Home Location Register (HLR) details, DP Card Data, and snapshots of BSNL’s SOLARIS servers.
Overall, a total of 278GB of sensitive information has been compromised.
The threat actor has claimed responsibility for the attack and provided samples to validate the data’s legitimacy.
The threat actor has also priced the stolen data at $5,000 (roughly Rs 4,17,000), as per the report.
The offer was part of a special deal available only from May 30, 2024, to May 31, 2024.
The high price tag indicates the data’s significant value due to its sensitive nature and extensive scope.
What Has Been Compromised?
The compromised data includes:
- IMSI and SIM Details: Vital for the operation of SIM cards.
- HLR Details: Essential for network operations and user authentication.
- DP Card Data (8GB) and DP Security Key Data (130GB): Critical for BSNL’s security infrastructure.
- SOLARIS Server Snapshots (140GB): Potentially exposing operational secrets.
How Does It Affect?
- SIM Cloning and Identity Theft – Cloning involves creating a duplicate SIM card with the same IMSI and authentication keys as the original. This would let attackers intercept messages and calls, access bank accounts, and commit fraud, leading to severe personal and financial losses.
- Privacy Violations – Personal information could be misused for unauthorized access to communications and for data breaches.
- Financial and Identity Theft – Fraudulent activities that bypass security measures on financial accounts could result in significant financial losses and identity theft.
- Targeted Attacks and Scams – Users may become targets of phishing schemes and social engineering attacks that exploit their trust in BSNL.
What Actions Are Being Taken?
The threat is not limited to BSNL users; it may also impact the company’s operations and national security.
Further, this breach can lead to service outages, degraded performance, and unauthorized access to telecom operations.
Athenian Tech’s cybersecurity experts believe BSNL should take immediate action to contain the breach, secure network endpoints, and audit access logs.
Besides this, the telecom provider must also enhance its security measures, conduct frequent security audits, and adopt advanced threat detection technologies.
In the meantime, users should monitor for unusual activity on their phones and bank accounts.
They should also enable two-factor authentication (2FA) for an additional layer of security on all accounts.